Configuring a Firewall's ACL for Outgoing Traffic | Exam N10-007 Solution

Resolving Issues with Firewall Configuration

Prev Question Next Question

Question

A network technician configures a firewall's ACL to allow outgoing traffic for several popular services such as email and web browsing.

However, after the firewall's deployment, users are still unable to retrieve their emails.

Which of the following would BEST resolve this issue?

A.

Allow the firewall to accept inbound traffic to ports 25, 67, 179, and 3389 B.

Allow the firewall to accept inbound traffic to ports 80, 110, 143, and 443 C.

Set the firewall to operate in transparent mode D.

Allow the firewall to accept inbound traffic to ports 21, 53, 69, and 123

B.

Explanations

A network technician configures a firewall's ACL to allow outgoing traffic for several popular services such as email and web browsing.

However, after the firewall's deployment, users are still unable to retrieve their emails.

Which of the following would BEST resolve this issue?

A.

Allow the firewall to accept inbound traffic to ports 25, 67, 179, and 3389

B.

Allow the firewall to accept inbound traffic to ports 80, 110, 143, and 443

C.

Set the firewall to operate in transparent mode

D.

Allow the firewall to accept inbound traffic to ports 21, 53, 69, and 123

B.

The issue described in this scenario is that the firewall is blocking outgoing traffic for email, which is preventing users from retrieving their emails. To resolve this issue, the firewall's ACL needs to be modified to allow outgoing traffic for email.

Option A suggests allowing inbound traffic to ports 25, 67, 179, and 3389, but these ports are typically used for SMTP (Simple Mail Transfer Protocol), DHCP (Dynamic Host Configuration Protocol), BGP (Border Gateway Protocol), and RDP (Remote Desktop Protocol) respectively, and do not address the issue at hand.

Option B suggests allowing inbound traffic to ports 80, 110, 143, and 443, which are commonly used for HTTP (Hypertext Transfer Protocol), POP3 (Post Office Protocol version 3), IMAP (Internet Message Access Protocol), and HTTPS (Hypertext Transfer Protocol Secure) respectively. However, these are inbound ports and would not necessarily resolve the issue with outbound traffic for email.

Option C suggests setting the firewall to operate in transparent mode, but this would not address the issue with the ACL blocking outgoing traffic for email.

Option D suggests allowing inbound traffic to ports 21, 53, 69, and 123, which are commonly used for FTP (File Transfer Protocol), DNS (Domain Name System), TFTP (Trivial File Transfer Protocol), and NTP (Network Time Protocol) respectively. Similar to option A, these ports do not address the issue at hand.

Therefore, the BEST option to resolve the issue would be to modify the firewall's ACL to allow outgoing traffic for email, which was the original issue. However, the scenario does not provide enough information about which ports or protocols are being used for email, so the specific ports or protocols that need to be allowed would depend on the email service being used.